本文整理汇总了Java中org.bouncycastle.cert.jcajce.JcaX509CertificateHolder类的典型用法代码示例。如果您正苦于以下问题:Java JcaX509CertificateHolder类的具体用法?Java JcaX509CertificateHolder怎么用?Java JcaX509CertificateHolder使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
JcaX509CertificateHolder类属于org.bouncycastle.cert.jcajce包,在下文中一共展示了JcaX509CertificateHolder类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generateSignatureBlock
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Builds the DER-encoded CMS (PKCS #7) SignedData block for a signature file.
 *
 * <p>The first entry of {@code signerConfig.certificates} is used as the signer's certificate,
 * and every configured certificate is embedded in the result. The content is not encapsulated
 * ({@code generate(..., false)}), and the signer info is built with
 * {@code setDirectSignature(true)}, i.e. without signed attributes.
 *
 * @param signerConfig signer key, certificates and digest algorithm
 * @param signatureFileBytes bytes of the signature file to sign
 * @return the DER encoding of the generated SignedData
 * @throws InvalidKeyException declared for {@code getJcaSignatureAlgorithm}
 * @throws CertificateEncodingException if a certificate cannot be encoded
 * @throws SignatureException if signer creation, CMS generation or re-encoding fails
 */
private static byte[] generateSignatureBlock(
        SignerConfig signerConfig, byte[] signatureFileBytes)
        throws InvalidKeyException, CertificateEncodingException, SignatureException {
    JcaCertStore embeddedCerts = new JcaCertStore(signerConfig.certificates);
    // NOTE(review): relies on the signer's own certificate being first in the list.
    X509Certificate signingCert = signerConfig.certificates.get(0);
    String signatureAlgorithm =
            getJcaSignatureAlgorithm(
                    signingCert.getPublicKey(), signerConfig.signatureDigestAlgorithm);
    try {
        ContentSigner contentSigner =
                new JcaContentSignerBuilder(signatureAlgorithm).build(signerConfig.privateKey);
        CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
        SignerInfoGeneratorBuilder signerInfoBuilder =
                new SignerInfoGeneratorBuilder(
                                new JcaDigestCalculatorProviderBuilder().build(),
                                SignerInfoSignatureAlgorithmFinder.INSTANCE)
                        .setDirectSignature(true);
        generator.addSignerInfoGenerator(
                signerInfoBuilder.build(
                        contentSigner, new JcaX509CertificateHolder(signingCert)));
        generator.addCertificates(embeddedCerts);

        CMSSignedData signedData =
                generator.generate(new CMSProcessableByteArray(signatureFileBytes), false);

        // Parse the encoded structure and write it back through a DER stream so the
        // returned bytes are DER rather than whatever encoding getEncoded() produced.
        ByteArrayOutputStream derBytes = new ByteArrayOutputStream();
        try (ASN1InputStream parsed = new ASN1InputStream(signedData.getEncoded())) {
            DEROutputStream derOut = new DEROutputStream(derBytes);
            derOut.writeObject(parsed.readObject());
        }
        return derBytes.toByteArray();
    } catch (OperatorCreationException | CMSException | IOException e) {
        throw new SignatureException("Failed to generate signature", e);
    }
}
示例2: generateOCSPRequest
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
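/**
 * Generates an OCSP request using BouncyCastle.
 *
 * <p>The request contains a single CertID built with SHA-1 hashes
 * ({@code CertificateID.HASH_SHA1}) over the issuer certificate, plus a non-critical
 * nonce extension. The nonce is what ties a response to this particular request, so it is
 * taken from {@link java.security.SecureRandom}. A caller that wants replay protection
 * still has to compare the nonce echoed by the responder with the one in the returned
 * request; this method does not do that.
 *
 * @param issuerCert certificate of the issuer
 * @param serialNumber serial number of the certificate whose status is requested
 * @return an OCSP request
 * @throws OCSPException if the CertID or the request cannot be built
 * @throws IOException if the nonce value cannot be encoded
 * @throws OperatorException if the digest calculator cannot be created
 * @throws CertificateEncodingException if the issuer certificate cannot be encoded
 */
private static OCSPReq generateOCSPRequest(X509Certificate issuerCert, BigInteger serialNumber) throws OCSPException, IOException, OperatorException, CertificateEncodingException {
    // Register the BouncyCastle provider (addProvider does nothing if it is already installed).
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

    DigestCalculator digestCalculator =
            new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1);

    // Generate the id for the certificate we are looking for
    CertificateID id = new CertificateID(digestCalculator, new JcaX509CertificateHolder(issuerCert), serialNumber);

    // basic request generation with nonce
    OCSPReqBuilder gen = new OCSPReqBuilder();
    gen.addRequest(id);

    // The nonce must be unpredictable and unique per request. The previous source,
    // PdfEncryption.createDocumentId(), is a PDF document-id helper whose randomness
    // cannot be confirmed from here, so a CSPRNG is used instead.
    byte[] nonce = new byte[16];
    new java.security.SecureRandom().nextBytes(nonce);

    // The extension value is an OCTET STRING wrapping the DER-encoded nonce OCTET STRING.
    Extension ext = new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(new DEROctetString(nonce).getEncoded()));
    gen.setRequestExtensions(new Extensions(new Extension[]{ext}));
    return gen.build();
}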
示例3: isRevocationValid
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Checks if OCSP revocation refers to the document signing certificate.
 *
 * <p>A SHA-1 CertID is rebuilt from the second certificate of the signing chain (taken as
 * the issuer) and the signing certificate's serial number, then compared with the CertID of
 * the first single response. Nothing in this method checks the signature on the OCSP
 * response or the certificate status it reports; those checks have to happen elsewhere.
 * NOTE(review): because the expected CertID is always built with SHA-1, a response whose
 * CertID uses another hash algorithm presumably never matches - confirm.
 *
 * @return true if the first response's CertID matches the signing certificate, false
 *         otherwise (including when anything goes wrong while comparing)
 * @since 2.1.6
 */
public boolean isRevocationValid() {
    // Without a response, or without an issuer in the chain, there is nothing to compare.
    if (basicResp == null || signCerts.size() < 2) {
        return false;
    }
    try {
        X509Certificate[] chain = (X509Certificate[]) getSignCertificateChain();
        SingleResp firstResponse = basicResp.getResponses()[0];
        CertificateID reportedId = firstResponse.getCertID();
        X509Certificate signer = getSigningCertificate();
        X509Certificate issuer = chain[1];
        CertificateID expectedId = new CertificateID(
                new JcaDigestCalculatorProviderBuilder().build().get(CertificateID.HASH_SHA1),
                new JcaX509CertificateHolder(issuer),
                signer.getSerialNumber());
        return expectedId.equals(reportedId);
    } catch (Exception ignored) {
        // Deliberately fail closed: any error is reported as "does not match".
        return false;
    }
}
示例4: extractJidAndName
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
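/**
 * Derives a JID and a display name from an X.509 certificate.
 *
 * <p>The address is the first rfc822Name (GeneralName type 1) subject alternative name; if
 * there is none, the first EmailAddress RDN of the subject is used. The name is the first CN
 * RDN of the subject, or {@code null} when the subject has no CN. A subject without the
 * relevant RDN no longer triggers an {@code ArrayIndexOutOfBoundsException}.
 *
 * <p>The values are read from the certificate as-is. They are only as trustworthy as the
 * certificate, so the caller is expected to have validated it before acting on the result.
 *
 * @param certificate certificate to read the identity from
 * @return the JID and name, or {@code null} if the certificate carries no e-mail address
 * @throws CertificateEncodingException if the certificate cannot be encoded
 * @throws InvalidJidException if the address is not a valid JID
 * @throws CertificateParsingException if the subject alternative names cannot be decoded
 */
public static Pair<Jid,String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException {
    Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();
    List<String> emails = new ArrayList<>();
    if (alternativeNames != null) {
        for (List<?> san : alternativeNames) {
            Integer type = (Integer) san.get(0);
            // GeneralName type 1 is rfc822Name (an e-mail address).
            if (type == 1) {
                emails.add((String) san.get(1));
            }
        }
    }
    X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
    // Fall back to the subject's EmailAddress attribute, if it has one.
    if (emails.isEmpty() && x500name.getRDNs(BCStyle.EmailAddress).length > 0) {
        emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
    }
    // A subject without CN yields a null name instead of an index error.
    String name = x500name.getRDNs(BCStyle.CN).length > 0
            ? IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue())
            : null;
    if (emails.size() >= 1) {
        return new Pair<>(Jid.fromString(emails.get(0)), name);
    } else {
        return null;
    }
}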
示例5: generateSignatureBlock
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Produces the DER-encoded CMS SignedData structure that signs {@code signatureFileBytes}.
 *
 * <p>Signs with {@code signerConfig.privateKey}, identifies the signer by the first
 * configured certificate and embeds all configured certificates. The signed content is not
 * included in the output, and no signed attributes are used (direct signature).
 *
 * @param signerConfig signer key, certificates and digest algorithm
 * @param signatureFileBytes content to sign
 * @return DER bytes of the SignedData
 * @throws InvalidKeyException declared for {@code getJcaSignatureAlgorithm}
 * @throws CertificateEncodingException if a certificate cannot be encoded
 * @throws SignatureException wrapping any signer-creation, CMS or I/O failure
 */
private static byte[] generateSignatureBlock(SignerConfig signerConfig, byte[] signatureFileBytes) throws InvalidKeyException, CertificateEncodingException, SignatureException {
    final JcaCertStore certStore = new JcaCertStore(signerConfig.certificates);
    final X509Certificate leaf = signerConfig.certificates.get(0);
    final String algorithm = getJcaSignatureAlgorithm(leaf.getPublicKey(), signerConfig.signatureDigestAlgorithm);
    try {
        final ContentSigner signer = new JcaContentSignerBuilder(algorithm).build(signerConfig.privateKey);

        final CMSSignedDataGenerator cms = new CMSSignedDataGenerator();
        cms.addSignerInfoGenerator(
                new SignerInfoGeneratorBuilder(
                        new JcaDigestCalculatorProviderBuilder().build(),
                        SignerInfoSignatureAlgorithmFinder.INSTANCE)
                        .setDirectSignature(true)
                        .build(signer, new JcaX509CertificateHolder(leaf)));
        cms.addCertificates(certStore);

        // encapsulate == false: the signature file itself is not copied into the block.
        final CMSSignedData signed = cms.generate(new CMSProcessableByteArray(signatureFileBytes), false);

        // Round-trip through ASN.1 parsing to obtain a DER encoding of the structure.
        final ByteArrayOutputStream der = new ByteArrayOutputStream();
        try (ASN1InputStream in = new ASN1InputStream(signed.getEncoded())) {
            new DEROutputStream(der).writeObject(in.readObject());
        }
        return der.toByteArray();
    } catch (OperatorCreationException | CMSException | IOException e) {
        throw new SignatureException("Failed to generate signature", e);
    }
}
示例6: getCertificates
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
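/**
 * Wraps each JCA certificate in a BouncyCastle {@code X509CertificateHolder}.
 *
 * @param certs certificates to convert
 * @return holders in the same order as {@code certs}
 * @throws IllegalArgumentException if any certificate cannot be encoded; the original
 *         {@code CertificateEncodingException} is kept as the cause so the failure can
 *         be diagnosed from the stack trace
 */
private static X509CertificateHolder[] getCertificates(X509Certificate[] certs)
{
    X509CertificateHolder[] certHldrs = new X509CertificateHolder[certs.length];
    try
    {
        for (int i = 0; i != certHldrs.length; i++)
        {
            certHldrs[i] = new JcaX509CertificateHolder(certs[i]);
        }
        return certHldrs;
    }
    catch (CertificateEncodingException e)
    {
        // Pass the cause along instead of flattening it into the message only.
        throw new IllegalArgumentException("Unable to process certificates: " + e.getMessage(), e);
    }
}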
示例7: checkAuthorityKeyIdentifierExtenstion
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Asserts that {@code cert} carries an Authority Key Identifier extension whose DER-encoded
 * value equals the one derived from the CA certificate.
 *
 * <p>The extension is read twice, once through {@code X509Certificate.getExtensionValue}
 * and once through a {@code JcaX509CertificateHolder}, and both must match the expected bytes.
 *
 * @param cert certificate under test
 * @param caCert CA whose certificate the identifier is derived from
 * @throws CertificateEncodingException if {@code cert} cannot be wrapped in a holder
 * @throws IOException if an extension value cannot be encoded
 */
private void checkAuthorityKeyIdentifierExtenstion(final X509Certificate cert, final CaCert caCert) throws CertificateEncodingException, IOException {
    final JcaX509ExtensionUtils extensionUtils = jcaX509ExtensionUtils();

    // 1) Raw extension bytes as exposed by the JCA certificate.
    final byte[] actualFromJca = cert.getExtensionValue(OID.AUTHORITY_KEY_IDENIFIER.oid.getId());
    assertThat(actualFromJca, is(notNullValue()));

    // 2) Expected bytes, rebuilt from the CA certificate.
    final byte[] expected = X509CertExtension.builder()
            .oid(Extension.authorityKeyIdentifier)
            .value(extensionUtils.createAuthorityKeyIdentifier(caCert.getCert()))
            .critical(false)
            .build()
            .toExtension()
            .getExtnValue()
            .getEncoded(DER.name());
    assertThat(Arrays.areEqual(actualFromJca, expected), is(true));

    // 3) Same extension as seen through the BouncyCastle holder.
    final X509CertificateHolder holder = new JcaX509CertificateHolder(cert);
    final Extension fromHolder = holder.getExtensions().getExtension(OID.AUTHORITY_KEY_IDENIFIER.oid);
    assertThat(fromHolder, is(notNullValue()));
    final byte[] actualFromHolder = fromHolder.getExtnValue().getEncoded(DER.name());
    assertThat(Arrays.areEqual(actualFromHolder, expected), is(true));
}
示例8: checkSubjectKeyIdentifierExtenstion
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Asserts that {@code cert} carries a Subject Key Identifier extension whose DER-encoded
 * value equals the one derived from the certificate's own public key.
 *
 * <p>The extension is read twice, once through {@code X509Certificate.getExtensionValue}
 * and once through a {@code JcaX509CertificateHolder}, and both must match the expected bytes.
 *
 * @param cert certificate under test
 * @throws CertificateEncodingException if {@code cert} cannot be wrapped in a holder
 * @throws IOException if an extension value cannot be encoded
 */
private void checkSubjectKeyIdentifierExtenstion(final X509Certificate cert) throws CertificateEncodingException, IOException {
    final JcaX509ExtensionUtils extensionUtils = jcaX509ExtensionUtils();

    // 1) Raw extension bytes as exposed by the JCA certificate.
    final byte[] actualFromJca = cert.getExtensionValue(OID.SUBJECT_KEY_IDENIFIER.oid.getId());
    assertThat(actualFromJca, is(notNullValue()));

    // 2) Expected bytes, rebuilt from the certificate's public key.
    final byte[] expected = X509CertExtension.builder()
            .oid(Extension.subjectKeyIdentifier)
            .value(extensionUtils.createSubjectKeyIdentifier(cert.getPublicKey()))
            .critical(false)
            .build()
            .toExtension()
            .getExtnValue()
            .getEncoded(DER.name());
    assertThat(Arrays.areEqual(actualFromJca, expected), is(true));

    // 3) Same extension as seen through the BouncyCastle holder.
    final X509CertificateHolder holder = new JcaX509CertificateHolder(cert);
    final Extension fromHolder = holder.getExtensions().getExtension(OID.SUBJECT_KEY_IDENIFIER.oid);
    assertThat(fromHolder, is(notNullValue()));
    final byte[] actualFromHolder = fromHolder.getExtnValue().getEncoded(DER.name());
    assertThat(Arrays.areEqual(actualFromHolder, expected), is(true));
}
示例9: loadSigningCertificateChain
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
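/**
 * Loads the certificate chain stored under the alias {@code "ocsp-signing"} and publishes
 * it in the static fields {@code signingCertificate} (entry 0), {@code issuingCertificate}
 * (entry 1) and {@code signingCertificateChain} (the whole chain as holders).
 *
 * <p>A missing alias or a chain with fewer than two certificates is reported with an
 * explicit message instead of surfacing as a {@code NullPointerException} or
 * {@code ArrayIndexOutOfBoundsException}. The static fields are only assigned once the
 * whole chain has been converted, so a failure does not leave them half-updated.
 *
 * @return the chain as {@code X509Certificate}s, signer first
 * @throws IllegalStateException if the alias is missing or the chain is too short
 * @throws RuntimeException wrapping a key store or certificate encoding failure
 */
private static X509Certificate[] loadSigningCertificateChain() {
    KeyStore keyStore = loadKeyStore();
    try {
        Certificate[] certificateChain = keyStore.getCertificateChain("ocsp-signing");
        // getCertificateChain returns null when the alias does not exist or holds no chain.
        if (certificateChain == null || certificateChain.length < 2) {
            throw new IllegalStateException(
                    "Key store entry \"ocsp-signing\" must hold a chain of at least two certificates (signer, issuer)");
        }
        X509Certificate[] x509CertificateChain = new X509Certificate[certificateChain.length];
        X509CertificateHolder[] holders = new X509CertificateHolder[certificateChain.length];
        for (int i = 0; i < certificateChain.length; ++i) {
            x509CertificateChain[i] = (X509Certificate) certificateChain[i];
            holders[i] = new JcaX509CertificateHolder(x509CertificateChain[i]);
        }
        signingCertificate = x509CertificateChain[0];
        issuingCertificate = x509CertificateChain[1];
        signingCertificateChain = holders;
        return x509CertificateChain;
    } catch (KeyStoreException | CertificateEncodingException e) {
        throw new RuntimeException(e);
    }
}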
示例10: writeFragment
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Writes a fragment into the CMS signed-data stream, opening the stream on first use.
 *
 * <p>On the first call the signer is set up from the {@code "nodeCA"} key store entry
 * (SHA256withECDSA via the "BC" provider), every certificate of that entry's chain is
 * added to the generator, and the output stream is opened with {@code cmsGen.open(bOut, true)}.
 *
 * <p>NOTE(review): the private key is fetched with an empty password, so its protection
 * rests on whatever protects the key store itself - confirm that is intended.
 * NOTE(review): the lazy initialisation is not synchronised; presumably called from a
 * single thread - confirm.
 *
 * @param fragment bytes to append to the signed content
 * @throws Exception if the key store cannot be read, the signer cannot be built or the
 *         write fails
 */
public void writeFragment(byte[] fragment)
    throws Exception
{
    if (cmsOut == null)
    {
        KeyStore caStore = nodeContext.getNodeCAStore();
        Certificate[] caChain = caStore.getCertificateChain("nodeCA");

        JcaSimpleSignerInfoGeneratorBuilder signerBuilder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC");
        PrivateKey caKey = (PrivateKey)caStore.getKey("nodeCA", new char[0]);
        X509Certificate caCert = (X509Certificate)caChain[0];
        cmsGen.addSignerInfoGenerator(signerBuilder.build("SHA256withECDSA", caKey, caCert));

        // Ship the whole chain with the signature so it can be validated by the receiver.
        for (int i = 0; i < caChain.length; i++)
        {
            cmsGen.addCertificate(new JcaX509CertificateHolder((X509Certificate)caChain[i]));
        }

        cmsOut = cmsGen.open(bOut, true);
    }

    cmsOut.write(fragment);
}
示例11: testVPKCRequest
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Builds a signed VPKC (validation of public key certificate) DVCS request for
 * {@code signCert}, checks that its CMS signature verifies against {@code signCert}, and
 * checks that the parsed request carries the certificate as its first target chain.
 */
public void testVPKCRequest()
    throws Exception
{
    SignedDVCSMessageGenerator messageGenerator = getSignedDVCSMessageGenerator();

    VPKCRequestBuilder requestBuilder = new VPKCRequestBuilder();
    requestBuilder.addTargetChain(new JcaX509CertificateHolder(signCert));

    CMSSignedData signedRequest = messageGenerator.build(requestBuilder.build());

    // Every signer is verified against signCert, whatever signer id is asked for.
    SignerInformationVerifierProvider verifiers = new SignerInformationVerifierProvider()
    {
        public SignerInformationVerifier get(SignerId sid)
            throws OperatorCreationException
        {
            return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(signCert);
        }
    };
    assertTrue(signedRequest.verifySignatures(verifiers));

    DVCSRequest parsedRequest = new DVCSRequest(signedRequest);
    VPKCRequestData requestData = (VPKCRequestData)parsedRequest.getData();

    TargetEtcChain expectedChain = new TargetEtcChain(
        new CertEtcToken(CertEtcToken.TAG_CERTIFICATE, new JcaX509CertificateHolder(signCert).toASN1Structure()));
    Object actualChain = ((TargetChain)requestData.getCerts().get(0)).toASN1Structure();
    assertEquals(expectedChain, actualChain);
}
示例12: build
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Builds a {@code SignerInfoGenerator} for the given key and certificate.
 *
 * @param algorithmName signature algorithm name passed to the content signer
 * @param privateKey key used to sign
 * @param certificate signer's certificate, associated with the generated signer info
 * @return the configured generator
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws CertificateEncodingException if {@code certificate} cannot be encoded
 */
public SignerInfoGenerator build(String algorithmName, PrivateKey privateKey, X509Certificate certificate)
    throws OperatorCreationException, CertificateEncodingException
{
    // The signer is created first; the certificate is only wrapped afterwards.
    final ContentSigner signer = helper.createContentSigner(algorithmName, privateKey);

    return configureAndBuild().build(
        signer,
        new JcaX509CertificateHolder(certificate));
}
示例13: getSubjectCNFromCertificate
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
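/**
 * Returns the first CN (common name) of the certificate's <em>issuer</em>.
 *
 * <p>NOTE(review): the method name says "subject", but the code reads
 * {@code getIssuer()} and the log message says "issuer CN". The two disagree; callers that
 * use the result as the holder's identity would be getting the CA's name instead. The
 * existing behaviour is kept here - confirm which one is intended before relying on it.
 *
 * @param certificate certificate to inspect
 * @return the CN value, or {@code null} if the name has no CN attribute or the certificate
 *         cannot be encoded
 */
public static String getSubjectCNFromCertificate(X509Certificate certificate) {
    try {
        X500Name x500name = new JcaX509CertificateHolder(certificate).getIssuer();
        RDN[] commonNames = x500name.getRDNs(BCStyle.CN);
        // A name without CN used to raise ArrayIndexOutOfBoundsException; report "no CN"
        // the same way the encoding failure is reported.
        if (commonNames.length == 0) {
            return null;
        }
        return IETFUtils.valueToString(commonNames[0].getFirst().getValue());
    } catch (CertificateEncodingException e) {
        log.error("Unable to get issuer CN", e);
        return null;
    }
}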
示例14: generateCertificateIdForRequest
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Builds the OCSP CertID for a certificate, identified by its serial number and its
 * issuer's certificate, using SHA-1 ({@code CertificateID.HASH_SHA1}) for the issuer hashes.
 *
 * <p>Registers the BouncyCastle provider as a side effect on every call.
 *
 * @param userCertSerialNumber serial number of the certificate to query
 * @param issuerCert certificate of the issuing CA
 * @return the CertID to place in an OCSP request
 * @throws OperatorCreationException if the digest calculator cannot be created
 * @throws CertificateEncodingException if {@code issuerCert} cannot be encoded
 * @throws OCSPException if the CertID cannot be built
 */
private CertificateID generateCertificateIdForRequest(BigInteger userCertSerialNumber, X509Certificate issuerCert)
        throws OperatorCreationException, CertificateEncodingException, OCSPException {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

    final JcaDigestCalculatorProviderBuilder digestProviderBuilder = new JcaDigestCalculatorProviderBuilder();
    return new CertificateID(
            digestProviderBuilder.build().get(CertificateID.HASH_SHA1),
            new JcaX509CertificateHolder(issuerCert),
            userCertSerialNumber);
}
示例15: extractJidAndName
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; //导入依赖的package包/类
/**
 * Derives a JID and a display name from an X.509 certificate.
 *
 * <p>Lookup order for the address: the first rfc822Name (GeneralName type 1) subject
 * alternative name, then the first EmailAddress RDN of the subject. If neither exists and
 * the subject has a CN that parses as a bare, non-domain JID, that CN is used as the address
 * and the name is {@code null}.
 *
 * <p>The values are read from the certificate as-is. They are only as trustworthy as the
 * certificate, so the caller is expected to have validated it before acting on the result.
 *
 * @param certificate certificate to read the identity from
 * @return the JID and name, or {@code null} if no usable address is found
 * @throws CertificateEncodingException if the certificate cannot be encoded
 * @throws InvalidJidException if an e-mail address found in the certificate is not a valid JID
 * @throws CertificateParsingException if the subject alternative names cannot be decoded
 */
public static Pair<Jid,String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException {
    final Collection<List<?>> sanEntries = certificate.getSubjectAlternativeNames();
    final List<String> addresses = new ArrayList<>();
    if (sanEntries != null) {
        for (List<?> entry : sanEntries) {
            Integer kind = (Integer) entry.get(0);
            // Only rfc822Name entries (GeneralName type 1) are e-mail addresses.
            if (kind != 1) {
                continue;
            }
            addresses.add((String) entry.get(1));
        }
    }

    final X500Name subject = new JcaX509CertificateHolder(certificate).getSubject();

    // No SAN address: fall back to the subject's EmailAddress attribute when present.
    if (addresses.isEmpty() && subject.getRDNs(BCStyle.EmailAddress).length > 0) {
        addresses.add(IETFUtils.valueToString(subject.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
    }

    String commonName = null;
    if (subject.getRDNs(BCStyle.CN).length > 0) {
        commonName = IETFUtils.valueToString(subject.getRDNs(BCStyle.CN)[0].getFirst().getValue());
    }

    if (!addresses.isEmpty()) {
        return new Pair<>(Jid.fromString(addresses.get(0)), commonName);
    }
    if (commonName == null) {
        return null;
    }

    // Last resort: accept the CN itself, but only if it is a bare user JID.
    try {
        Jid candidate = Jid.fromString(commonName);
        if (candidate.isBareJid() && !candidate.isDomainJid()) {
            return new Pair<>(candidate, null);
        }
        return null;
    } catch (InvalidJidException e) {
        return null;
    }
}